dermy-api/src/account.rs

pub mod db;

use anyhow::Result;
use axum::{
    extract::Path,
    body::Body, response::{IntoResponse, Response}, routing::{get, post}, Json, Router
};
use futures::stream::{self, StreamExt, TryStreamExt};
use serde::{Deserialize, Serialize};
use crate::ApiResult;
use db::{get_database, get_users, LogEntry, Mole, User};
use http::StatusCode;
use mongodb::bson::{doc, oid::ObjectId, to_document, Document};
use serde_json::json;

pub fn router() -> Router {
    Router::new()
        .route("/sign-in/:username",
            get(get_sign_in))
        .route("/sign-in",
            post(post_sign_in)
        )
        .route("/sign-up",
            post(post_sign_up))
        .route("/sign-out/:api",
            get(get_sign_out))
        .route("/backup/:api",
            post(post_backup)
        )
        .route("/restore/:api",
            get(get_restore)
        )
}

pub async fn auth(api: &str) -> Result<Option<User>> {
    let db = get_users().await?;

    let query = doc! {
        "$expr": { "$eq": ["$_auth._api", ObjectId::parse_str(api)?] }
    };

    Ok(db.find_one(query, None).await?)

}

#[derive(Serialize, Deserialize)]
struct BackupData {
    moles: Vec<Mole>,
    logs: Vec<LogEntry>,
}

async fn get_sign_in(Path(username): Path<String>) -> ApiResult {
    let db = get_users().await?;
    let query = doc! {
        "$expr": { "$eq": ["$username", username] }
    };

    match db.find_one(query, None).await? {
        Some(user) => {  
            Ok(Response::builder()
                .status(StatusCode::CREATED)
                .body(Json(json!({
                    "_salt": user.auth.unwrap().salt.unwrap()
                })).into_response().into_body())?)
        },
        None => {
            Ok(Response::builder()
                .status(StatusCode::NOT_FOUND)
                .body(Json(json!({
                    "_error": "User does not exist"
                })).into_response().into_body())?)
        }
    }
}

async fn post_sign_in(Json(body): Json<User>) -> ApiResult {
    let db = get_users().await?;
    let api = ObjectId::new();
    let query = doc! {
        "$expr": {
            "$and": [
                { "$eq": ["$username", body.username] },
                { "$eq": ["$_auth._hash", body.auth.unwrap_or_default().hash] }
            ]
        }
    };
    let update = doc! {
        "$set": {
            "_auth._api": api 
        }
    };

    match db.count_documents(query.clone(), None).await? {
        count if count != 0 => {
            db.update_one(query, update, None).await?;

            Ok(Response::builder()
                .status(StatusCode::OK)
                .body(Json(json!({
                    "_api_key": api.to_string()
                })).into_response().into_body())?)
        },
        _ => {
            Ok(Response::builder()
                .status(StatusCode::UNAUTHORIZED)
                .body(Json(json!({
                    "_error": "Username or password is incorrect"
                })).into_response().into_body())?)
        },
    }
}

async fn post_sign_up(Json(body): Json<User>) -> ApiResult {
    let db = get_users().await?;
    let query = doc! {
        "$expr": { "$eq": ["$username", &body.username] }
    };
    
    match db.count_documents(query, None).await? {
        count if count != 0 => {
            Ok(Response::builder()
                .status(StatusCode::NOT_ACCEPTABLE)
                .body(Json(json!({
                    "_error": "Username is already taken"
                })).into_response().into_body())?)
        },
        _ => {
            db.insert_one(body, None).await?;

            Ok(Response::builder()
                .status(StatusCode::CREATED)
                .body(Json(json!({
                    "_success": "Account created successfully"
                })).into_response().into_body())?)
        }
    }
}


async fn get_sign_out(Path(api): Path<String>) -> ApiResult {
    let db = get_users().await?;

    let query = doc! {
        "$expr": { "$eq": ["$_auth._api", ObjectId::parse_str(&api)?] }
    };
    let update = doc! {
        "$unset": {
            "_auth._api": ObjectId::new()
        }
    };

    match auth(&api).await? {
        Some(_user) => {
            db.update_one(query, update, None).await?;
            Ok(Response::builder()
                .status(StatusCode::OK)
                .body(Json(json!({
                    "_success": "Sign out successful"
                })).into_response().into_body())?)
        },
        None => {
            Ok(Response::builder()
                .status(StatusCode::NOT_ACCEPTABLE)
                .body(Json(json!({
                    "_error": "User does not exist"
                })).into_response().into_body())?)
        },
    }
}
async fn get_restore(Path(api): Path<String>) -> ApiResult {
   let db = &get_database().await?;

   match auth(&api).await? {
       Some(user) => {
           let moles: Vec<Mole> = db.collection::<Mole>("moles")
               .find(doc! { "_user_id": user.id }, None).await?.try_collect().await?;
           
           let logs: Vec<LogEntry> = stream::iter(&moles)
               .then(|mole| async move {
                   db.collection::<LogEntry>("logs")
                       .find(doc! { "_mole_id": mole.id}, None)
                       .await.unwrap()
                       .try_collect()
                       .await.unwrap_or_else(|_| vec![])
               })
               .flat_map(stream::iter).collect().await;

           Ok(Response::builder()
               .status(StatusCode::OK)
               .body(Json(json!({
                   "_moles": moles,
                   "_logs": logs
               })).into_response().into_body()).unwrap())
       },
       None => Ok(Response::builder()
                .status(StatusCode::UNAUTHORIZED)
                .body(Body::from("API Key is incorrect"))?),
   }
}

async fn post_backup(Path(api): Path<String>, Json(user_data): Json<BackupData>) -> ApiResult {

    match auth(&api).await? {
        Some(_user) => {
            let _ = backup_docs_if_new(user_data.moles, "moles").await;
            let _ = backup_docs_if_new(user_data.logs, "logs").await;

            Ok(Response::builder()
                .status(StatusCode::CREATED)
                .body(Body::from("Account backup successful"))?)
        },
        None => Ok(Response::builder()
            .status(StatusCode::UNAUTHORIZED)
            .body(Body::from("API Key is incorrect"))?),
    }
}

async fn backup_docs_if_new<T: serde::Serialize>(docs: Vec<T>, collection: &'static str) -> Result<()> {
    let _ = docs.iter()
        .map(|doc| to_document(doc).unwrap())
        .map(|doc| async move {
                let _ = insert_if_new(doc, collection).await;
        });

    Ok(())
}

async fn insert_if_new(doc: Document, collection: &str) -> Result<()> {
    let db = get_database().await?.collection(collection);

    match db.count_documents(doc.clone(), None).await? {
        0 => Some(db.insert_one(doc, None)),
        _ => None,
    };

    Ok(())
}
AuthSession in progress 2024-06-07 01:24:42 +00:00			`pub mod db;`

prediction route complete 2024-06-10 17:43:24 +00:00			`use anyhow::Result;`
refactor 2024-06-06 18:21:12 +00:00			`use axum::{`
updates 2024-06-19 22:01:01 +00:00			`extract::Path,`
prediction route complete 2024-06-10 17:43:24 +00:00			`body::Body, response::{IntoResponse, Response}, routing::{get, post}, Json, Router`
refactor 2024-06-06 18:21:12 +00:00			`};`
updates 2024-06-19 22:01:01 +00:00			`use futures::stream::{self, StreamExt, TryStreamExt};`
backup added 2024-06-10 21:05:03 +00:00			`use serde::{Deserialize, Serialize};`
updates 2024-06-08 15:36:06 +00:00			`use crate::ApiResult;`
backup added 2024-06-10 21:05:03 +00:00			`use db::{get_database, get_users, LogEntry, Mole, User};`
updates 2024-06-19 22:01:01 +00:00			`use http::StatusCode;`
backup added 2024-06-10 21:05:03 +00:00			`use mongodb::bson::{doc, oid::ObjectId, to_document, Document};`
prediction route complete 2024-06-10 17:43:24 +00:00			`use serde_json::json;`
db inits 2024-06-06 19:43:32 +00:00
refactor 2024-06-06 18:21:12 +00:00			`pub fn router() -> Router {`
			`Router::new()`
updates 2024-06-19 22:01:01 +00:00			`.route("/sign-in/:username",`
			`get(get_sign_in))`
refactor 2024-06-06 18:21:12 +00:00			`.route("/sign-in",`
updates 2024-06-19 22:01:01 +00:00			`post(post_sign_in)`
refactor 2024-06-06 18:21:12 +00:00			`)`
auth loop complete 2024-06-07 21:29:49 +00:00			`.route("/sign-up",`
			`post(post_sign_up))`
updates 2024-06-19 22:01:01 +00:00			`.route("/sign-out/:api",`
			`get(get_sign_out))`
			`.route("/backup/:api",`
refactor 2024-06-06 18:21:12 +00:00			`post(post_backup)`
			`)`
updates 2024-06-19 22:01:01 +00:00			`.route("/restore/:api",`
refactor 2024-06-06 18:21:12 +00:00			`get(get_restore)`
			`)`
			`}`

prediction route complete 2024-06-10 17:43:24 +00:00			`pub async fn auth(api: &str) -> Result<Option<User>> {`
			`let db = get_users().await?;`

			`let query = doc! {`
			`"$expr": { "$eq": ["$_auth._api", ObjectId::parse_str(api)?] }`
			`};`

			`Ok(db.find_one(query, None).await?)`

			`}`

backup added 2024-06-10 21:05:03 +00:00			`#[derive(Serialize, Deserialize)]`
			`struct BackupData {`
			`moles: Vec<Mole>,`
			`logs: Vec<LogEntry>,`
			`}`
prediction route complete 2024-06-10 17:43:24 +00:00
updates 2024-06-19 22:01:01 +00:00			`async fn get_sign_in(Path(username): Path<String>) -> ApiResult {`
get salt 2024-06-07 15:37:00 +00:00			`let db = get_users().await?;`
auth loop complete 2024-06-07 21:29:49 +00:00			`let query = doc! {`
updates 2024-06-19 22:01:01 +00:00			`"$expr": { "$eq": ["$username", username] }`
auth loop complete 2024-06-07 21:29:49 +00:00			`};`
get salt 2024-06-07 15:37:00 +00:00
			`match db.find_one(query, None).await? {`
auth loop complete 2024-06-07 21:29:49 +00:00			`Some(user) => {`
account finished, logging added 2024-06-07 17:59:35 +00:00			`Ok(Response::builder()`
			`.status(StatusCode::CREATED)`
prediction route complete 2024-06-10 17:43:24 +00:00			`.body(Json(json!({`
			`"_salt": user.auth.unwrap().salt.unwrap()`
			`})).into_response().into_body())?)`
get salt 2024-06-07 15:37:00 +00:00			`},`
			`None => {`
account finished, logging added 2024-06-07 17:59:35 +00:00			`Ok(Response::builder()`
			`.status(StatusCode::NOT_FOUND)`
updates 2024-06-19 22:01:01 +00:00			`.body(Json(json!({`
			`"_error": "User does not exist"`
			`})).into_response().into_body())?)`
get salt 2024-06-07 15:37:00 +00:00			`}`
			`}`
			`}`
signin, signout, signup 2024-06-07 14:30:16 +00:00
prediction route complete 2024-06-10 17:43:24 +00:00			`async fn post_sign_in(Json(body): Json<User>) -> ApiResult {`
get salt 2024-06-07 15:37:00 +00:00			`let db = get_users().await?;`
auth loop complete 2024-06-07 21:29:49 +00:00			`let api = ObjectId::new();`
			`let query = doc! {`
			`"$expr": {`
			`"$and": [`
updates 2024-06-19 22:01:01 +00:00			`{ "$eq": ["$username", body.username] },`
			`{ "$eq": ["$_auth._hash", body.auth.unwrap_or_default().hash] }`
auth loop complete 2024-06-07 21:29:49 +00:00			`]`
			`}`
			`};`
			`let update = doc! {`
			`"$set": {`
			`"_auth._api": api`
			`}`
			`};`
get salt 2024-06-07 15:37:00 +00:00
backup added 2024-06-10 21:05:03 +00:00			`match db.count_documents(query.clone(), None).await? {`
			`count if count != 0 => {`
auth loop complete 2024-06-07 21:29:49 +00:00			`db.update_one(query, update, None).await?;`
account finished, logging added 2024-06-07 17:59:35 +00:00
			`Ok(Response::builder()`
			`.status(StatusCode::OK)`
prediction route complete 2024-06-10 17:43:24 +00:00			`.body(Json(json!({`
			`"_api_key": api.to_string()`
			`})).into_response().into_body())?)`
signin, signout, signup 2024-06-07 14:30:16 +00:00			`},`
backup added 2024-06-10 21:05:03 +00:00			`_ => {`
account finished, logging added 2024-06-07 17:59:35 +00:00			`Ok(Response::builder()`
			`.status(StatusCode::UNAUTHORIZED)`
updates 2024-06-19 22:01:01 +00:00			`.body(Json(json!({`
			`"_error": "Username or password is incorrect"`
			`})).into_response().into_body())?)`
account finished, logging added 2024-06-07 17:59:35 +00:00			`},`
			`}`
signin, signout, signup 2024-06-07 14:30:16 +00:00			`}`
refactor 2024-06-06 18:21:12 +00:00
prediction route complete 2024-06-10 17:43:24 +00:00			`async fn post_sign_up(Json(body): Json<User>) -> ApiResult {`
get salt 2024-06-07 15:37:00 +00:00			`let db = get_users().await?;`
auth loop complete 2024-06-07 21:29:49 +00:00			`let query = doc! {`
updates 2024-06-19 22:01:01 +00:00			`"$expr": { "$eq": ["$username", &body.username] }`
auth loop complete 2024-06-07 21:29:49 +00:00			`};`
signin, signout, signup 2024-06-07 14:30:16 +00:00
backup added 2024-06-10 21:05:03 +00:00			`match db.count_documents(query, None).await? {`
			`count if count != 0 => {`
account finished, logging added 2024-06-07 17:59:35 +00:00			`Ok(Response::builder()`
			`.status(StatusCode::NOT_ACCEPTABLE)`
updates 2024-06-19 22:01:01 +00:00			`.body(Json(json!({`
			`"_error": "Username is already taken"`
			`})).into_response().into_body())?)`
signin, signout, signup 2024-06-07 14:30:16 +00:00			`},`
backup added 2024-06-10 21:05:03 +00:00			`_ => {`
account finished, logging added 2024-06-07 17:59:35 +00:00			`db.insert_one(body, None).await?;`
auth loop complete 2024-06-07 21:29:49 +00:00
account finished, logging added 2024-06-07 17:59:35 +00:00			`Ok(Response::builder()`
			`.status(StatusCode::CREATED)`
updates 2024-06-19 22:01:01 +00:00			`.body(Json(json!({`
			`"_success": "Account created successfully"`
			`})).into_response().into_body())?)`
signin, signout, signup 2024-06-07 14:30:16 +00:00			`}`
			`}`
			`}`
refactor 2024-06-06 18:21:12 +00:00
AuthSession in progress 2024-06-07 01:24:42 +00:00
updates 2024-06-19 22:01:01 +00:00			`async fn get_sign_out(Path(api): Path<String>) -> ApiResult {`
auth loop complete 2024-06-07 21:29:49 +00:00			`let db = get_users().await?;`

			`let query = doc! {`
updates 2024-06-19 22:01:01 +00:00			`"$expr": { "$eq": ["$_auth._api", ObjectId::parse_str(&api)?] }`
auth loop complete 2024-06-07 21:29:49 +00:00			`};`
			`let update = doc! {`
			`"$unset": {`
			`"_auth._api": ObjectId::new()`
			`}`
			`};`
account finished, logging added 2024-06-07 17:59:35 +00:00
updates 2024-06-19 22:01:01 +00:00			`match auth(&api).await? {`
auth loop complete 2024-06-07 21:29:49 +00:00			`Some(_user) => {`
			`db.update_one(query, update, None).await?;`
account finished, logging added 2024-06-07 17:59:35 +00:00			`Ok(Response::builder()`
			`.status(StatusCode::OK)`
updates 2024-06-19 22:01:01 +00:00			`.body(Json(json!({`
			`"_success": "Sign out successful"`
			`})).into_response().into_body())?)`
account finished, logging added 2024-06-07 17:59:35 +00:00			`},`
auth loop complete 2024-06-07 21:29:49 +00:00			`None => {`
account finished, logging added 2024-06-07 17:59:35 +00:00			`Ok(Response::builder()`
			`.status(StatusCode::NOT_ACCEPTABLE)`
updates 2024-06-19 22:01:01 +00:00			`.body(Json(json!({`
			`"_error": "User does not exist"`
			`})).into_response().into_body())?)`
signin, signout, signup 2024-06-07 14:30:16 +00:00			`},`
			`}`
AuthSession in progress 2024-06-07 01:24:42 +00:00			`}`
updates 2024-06-19 22:01:01 +00:00			`async fn get_restore(Path(api): Path<String>) -> ApiResult {`
added restore handler 2024-06-11 17:26:50 +00:00			`let db = &get_database().await?;`

updates 2024-06-19 22:01:01 +00:00			`match auth(&api).await? {`
added restore handler 2024-06-11 17:26:50 +00:00			`Some(user) => {`
			`let moles: Vec<Mole> = db.collection::<Mole>("moles")`
			`.find(doc! { "_user_id": user.id }, None).await?.try_collect().await?;`

			`let logs: Vec<LogEntry> = stream::iter(&moles)`
			`.then(\|mole\| async move {`
			`db.collection::<LogEntry>("logs")`
			`.find(doc! { "_mole_id": mole.id}, None)`
			`.await.unwrap()`
			`.try_collect()`
			`.await.unwrap_or_else(\|_\| vec![])`
			`})`
			`.flat_map(stream::iter).collect().await;`

			`Ok(Response::builder()`
			`.status(StatusCode::OK)`
			`.body(Json(json!({`
			`"_moles": moles,`
			`"_logs": logs`
			`})).into_response().into_body()).unwrap())`
			`},`
			`None => Ok(Response::builder()`
			`.status(StatusCode::UNAUTHORIZED)`
			`.body(Body::from("API Key is incorrect"))?),`
			`}`
backup added 2024-06-10 21:05:03 +00:00			`}`

updates 2024-06-19 22:01:01 +00:00			`async fn post_backup(Path(api): Path<String>, Json(user_data): Json<BackupData>) -> ApiResult {`
backup added 2024-06-10 21:05:03 +00:00
updates 2024-06-19 22:01:01 +00:00			`match auth(&api).await? {`
backup added 2024-06-10 21:05:03 +00:00			`Some(_user) => {`
			`let _ = backup_docs_if_new(user_data.moles, "moles").await;`
			`let _ = backup_docs_if_new(user_data.logs, "logs").await;`

			`Ok(Response::builder()`
			`.status(StatusCode::CREATED)`
			`.body(Body::from("Account backup successful"))?)`
			`},`
			`None => Ok(Response::builder()`
			`.status(StatusCode::UNAUTHORIZED)`
			`.body(Body::from("API Key is incorrect"))?),`
			`}`
			`}`

			`async fn backup_docs_if_new<T: serde::Serialize>(docs: Vec<T>, collection: &'static str) -> Result<()> {`
			`let _ = docs.iter()`
			`.map(\|doc\| to_document(doc).unwrap())`
added restore handler 2024-06-11 17:26:50 +00:00			`.map(\|doc\| async move {`
backup added 2024-06-10 21:05:03 +00:00			`let _ = insert_if_new(doc, collection).await;`
			`});`
signin, signout, signup 2024-06-07 14:30:16 +00:00
backup added 2024-06-10 21:05:03 +00:00			`Ok(())`
			`}`

			`async fn insert_if_new(doc: Document, collection: &str) -> Result<()> {`
			`let db = get_database().await?.collection(collection);`

			`match db.count_documents(doc.clone(), None).await? {`
			`0 => Some(db.insert_one(doc, None)),`
			`_ => None,`
			`};`

			`Ok(())`
			`}`